Menu
Browse

Cyber Threat Actor: SkinnyHunters

Actor Type Location Known Incidents
 Icon
Criminal
United States of America
1 incident
Profile

SkinnyHunters is an alias used by a threat actor that has been publicly linked to activity in the United States of America. The alias appears in open-source reporting related to a specific cyber incident. No further biographical or organizational details about SkinnyHunters have been disclosed in public sources.

On June 19, 2023, SkinnyHunters was identified as one of the rival threat actors responsible for compromising the BreachForums cybercrime forum. The breach resulted in the exfiltration and subsequent publication of the forum’s user database. The incident occurred shortly after BreachForums had been revived by former members following the arrest of its original founder.

According to the leaked data, the database contained usernames, email addresses, passwords protected with cryptographic salts, and various user activity logs. The leak encompassed information for approximately 4,700 registered accounts. Independent verification confirmed the authenticity of the disclosed material.

The exposed credentials could enable subsequent credential‑stuffing or account‑takeover attempts against the affected individuals. Because the passwords were salted, direct reversal is computationally infeasible, but the hashes remain valuable for offline cracking efforts. The release also revealed patterns of forum usage that might assist in social engineering or targeting.

No other campaigns or operational details have been publicly attributed to SkinnyHunters at this time. Consequently, the BreachForums incident stands as the sole documented activity associated with the alias. Any further inferences about the actor’s goals, capabilities, or affiliations would exceed the information presently available.

Researchers and defenders should monitor for reuse of the leaked data in future malicious operations. Maintaining awareness of credential exposure helps mitigate downstream risks to users and services. Continued vigilance is advised until additional verifiable reporting emerges.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources